<?php
    /**
    * Documents save action
    */
    if (!defined('EXPONENT')) exit('');
    if (exponent_users_isAdmin() ||  exponent_permissions_check(array("administrate","upload"),exponent_core_makeLocation("profilemodule","_syscore","")))
    {
        $documents=null;
        if (isset($_REQUEST['documents_id']))
        {
            $documents=$db->selectObject('profilemodule_documents','id='.intval($_REQUEST['documents_id']));
        }
        
        $documents->name = $_REQUEST['documents_name'];
        if (!isset($documents->id))
        {
            $documents->create_by = $user->firstname." ".$user->lastname."(".$user->username.")";
            $documents->user_id = $_REQUEST['user_id'];
            $documents->post_date = time();
        }
        
        $documents->xls_file = ($_REQUEST['xls_file']);
        $documents->flv_file = ($_REQUEST['flv_file']);
        $documents->mp3_file = ($_REQUEST['mp3_file']);
        $documents->doc_file = ($_REQUEST['doc_file']);
        $documents->ppt_file = ($_REQUEST['ppt_file']);
        $documents->pdf_file = ($_REQUEST['pdf_file']);
        $documents->img_file = ($_REQUEST['img_file']);

        if (isset($documents->id)) {
            $db->updateObject($documents,'profilemodule_documents');
        } else 
        {
            $db->insertObject($documents,'profilemodule_documents');
        }
        echo "OK";
    }
    else
        exponent_http_error(403);

?>
